MacDailyNews - Where Mac news comes first

Apple’s iPhone 1.1.2 Update quickly jailbroken
Friday, November 09, 2007 - 11:11 PM EST

"As expected, Apple released the 1.1.2 update for the iPhone overnight to coincide with its debut in the U.K. and Germany. As not expected, it's been sprung from jail already," Tom Krazit reports for CNET.

"New code for the 1.1.2 update was released last night by the same people responsible for the JailBreakMe program. It's still pretty raw, which means it's not really meant for those of us who aren't familiar with the command line. The latest hack works by applying the code to an iPhone that's still running the 1.1.1 firmware, then installing the 1.1.2 update," Krazit reports.

"'Jailbreaking' your iPhone means that you're opening it up to third-party applications without Apple's authorization. Apple plans to release a software developer's kit in February that will let developers and users put authorized applications on their iPhones and iPod Touches," Krazit reports. "It's not clear whether the 1.1.2 update disabled phones that had been unlocked to run on other mobile networks, as was the case the last time Apple released an iPhone update."

Full article here.

Reader Feedback:

Nov 09, 07 - 11:17 pm Comment from: Madrox199

iTunes is still not releasing the update, where can I get the update and how do I install it? Help pls?..

Nov 09, 07 - 11:17 pm Comment from: Jacob

This is probably because this update wasn't meant to improve iPhone security, it was just the update for the phones going international. Not every update is going to be hard to break, obviously if it went this fast Apple didn't make a serious effort to prevent unlocking with this patch.

Nov 09, 07 - 11:37 pm Comment from: Shinobi

This is getting a bit embarrassing for OS X and Apple. Is it that easy to really break into OS X?

Thank goodness these hackers don't have malicious intent at this point.

Also it makes me wonder if they had the same intensity in breaking into OS X on Macs, would it be that easy?

I hope not!

Come on, Apple, you can do better... Make the hackers work a bit harder!

Nov 10, 07 - 12:04 am Comment from: MMO

@Shinobi

Go troll somewhere else. ;)

Nov 10, 07 - 12:09 am Comment from: s

Hacking OS X probably will not be that difficult if the hacker has root access. In the case of the iPhone hack, I assume the iPhone owner is giving the hack code root access.

Nov 10, 07 - 12:17 am Comment from: shen

"This is getting a bit embarrassing for OS X and Apple. Is it that easy to really break into OS X?"

yeah, come on, surely you keep people who actually own and have physical access to a device out of... it.... wait.......

are you really that ill-informed?


Nov 10, 07 - 12:24 am Comment from: @Shinobi

"Also it makes me wonder if they had the same intensity in breaking into OS X on Macs, would it be that easy? "

Yes, and if they had the same type of access to your Mac - unlimited physical access, that is - it would be that easy.

Ignorant or troll? Does it matter?

Nov 10, 07 - 12:37 am Comment from: Big Al

So far, everyone, even the security experts, who has hacked OS X has done so on their own system or phone using their own root access.

Is it really hacking if you break into your own device?

Oh look, I erased my hard drive, OS X is shite!

Nov 10, 07 - 12:41 am Comment from: @ MMO @ Shen

I am not a Troll nor "ill-informed". I own an Intel MacBook Pro and a Mac mini. I have convinced many friends and family members to buy Macs. In fact all but a few friends/family members now own Macs.

One of the primary reasons I bought my Macs was for the stability, Unix foundation (I am a graduate Computer Science student), and security!

I love my Macs... but Apple is starting to make me wonder about how seriously they are taking Security.

The hackers jailbreaking the iPhone/iPod touch within hours of the update releases is not what I would call being serious about security.

Most of these hackers are interested mostly in the iPhone, but if they were just as focused on exploiting Macs, could they do it this easily?

I think Apple can do better than letting hackers jailbreak the iPhone within hours of its firmware update. I understand the TIFF exploit in the previous jailbreak (1.1) is an overflow exploit that had existed for a while. It should have been fixed long before now.

All the QuickTime buffer overflows went unpatched all this time until, what, last week?

Also, when Safari was first released for Windows, within 1 day they found multiple exploitable buffer overflows. Any of these could allow an attacker to own a Mac.

All I am saying is that, I want Apple to focus harder on security. If we all ignore or accept this type of behavior, we are not doing Apple or ourselves any favors.

We want our Macs/iPhones as secure as possible. If these hackers can jailbreak the iPhone, so can malicious attackers. Apple needs to do better.

I hope I will not be further attacked for stating a serious concern here that we all should care about.

Apple can do better than this.

Nov 10, 07 - 12:45 am Comment from: @Big Al

Not true...

One of the jailbreaks, if I remember correctly, took root on iPhones that visited a webpage. No downloads, no phishing. Just visiting a website that was crafted to do a buffer overflow to gain root access to the device.

That's basically how the additional software gets installed. Is that easy enough for you?

Nov 10, 07 - 01:12 am Comment from: Doh

@ I am not a troll
If you were any type of skilled computer science student, you would know that when one is attempting to crack a code base for a period of time longer than the interval to the next OS update, one would look for exploits that will remain unpatched after the update following the initial patch. What we are seeing here is a direct challenge to Jobs' own challenge regarding the cat and mouse game. Steve Jobs said they needed to stay ahead of the breakers in the iPhone's cat and mouse game. He should have known that this is an unwinnable game. Apple does not have all the skilled code junkies. This breaking is a reversal of his challenge. Apple now needs to catch up, not stay ahead.

Nov 10, 07 - 01:32 am Comment from: R2

Madrox199,

MDN had an earlier post with the links.

http://macdailynews.com/index.php/weblog/comments/15468/

Nov 10, 07 - 01:47 am Comment from: mugwump

That would be one helluva exploit if some hacker cracks the iPhone, only to brick every one of them after the delay trigger goes off.

Nov 10, 07 - 02:48 am Comment from: Real World

"This is getting a bit embarrassing for OS X and Apple. Is it that easy to really break into OS X?"

I think everybody understands by now that any pretense that OS X is more secure than any other OS is a myth.

"Yes, and if they had the same type of access to your Mac - unlimited physical access, that is - it would be that easy. "

Except the iPhone isn't a system where you can just put a CD in, boot and start hacking. It's a system where all attacks must be initiated remotely or with normal user privileges from the phone.

Nov 10, 07 - 02:55 am Comment from: @Real World

Care to back that "myth" comment up with some facts?
Can't? Thought so.
There is not one virus, spam or spyware that can gain access to your machine without the user, obviously being an idiot, having to authenticate.
The new one, found on the porn site? Has to be authenticated. Don't do it, no issue.

Sadly the "other" OS allows for things to be installed without the owner's consent.

Nov 10, 07 - 03:19 am Comment from: MPC Guy

Doesn't add video, voice notes, or improve stability... therefore is not a necessity.

Nov 10, 07 - 04:16 am Comment from: Macdenial Newstake

Apple's stock makes record high.... AGAIN.

The apple has fallen.

Nov 10, 07 - 04:51 am Comment from: Wrong Again

"The hackers jail breaking the iphone/itouch within hours of the update releases is not what I would call being serious about security."
So, right now, I could email you a set of instructions that will allow you to erase every file on your desktop... THAT'S your security risk? There is no system made that will offer 100% security as long as the "attacker" has access to the hardware. The hackers aren't breaking into YOUR phone, they're breaking into their OWN phone, then posting instructions on how others can break into THEIR own phones.

"No downloads, no phishing."
Oh, there was INDEED phishing... to the tune of "Come to our website and jailbreak your phone for free!" If you're stupid enough to go there, then you deserve whatever comes out of it.

Nov 10, 07 - 05:18 am Comment from: almux

Maybe Apple could leave some free rein to "hackers" and dedramatize the unlocking thing... after all, many countries' laws will forbid phone locking, and Apple will have to sell iPhones there too.
For the moment, illegal unlocking is still too hazardous for most non-geeks.

Nov 10, 07 - 07:50 am Comment from: Shinobi @Wrong Again

Again,

The previous jailbreak could gain root access to the iPhone by you just visiting a URL with Safari on your iPhone. It was not necessary for you to do anything other than visit a website to get rooted.

Likewise, earlier in the year at the CanSec conference, a hacker won $10,000 because he broke into a MacBook Pro using a similar type of exploit: if you visited a website, it executed a buffer overflow and he gained access to your account.

I think it only took like 9 hours for him to find this exploit. Likewise, I am aware that the iPhone hackers could have already been working on another unpatched exploit before Apple released their patch yesterday.

But that is exactly my point. Are there that many holes in Apple's code that 1) they are not aware of them or 2) they don't prioritize fixing them?

Either way, I want Apple to do better. Likewise with the CanSec contest: how long would the hole he exploited have been in OS X if it were not for that contest?

We are lucky that these hackers are not malicious. Please don't go to the illogical argument that you would not visit a malicious website, because with the really good ones you can't tell the difference.

Like Alicia Keys' MySpace website, the NFL website that was hacked, and others. Many users don't expect legitimate websites to be hacked. It can happen to just about anyone as these attacks become more widespread.

Nov 10, 07 - 08:04 am Comment from: @ Shinobi

Can you point to the news of the hacker winning $10K?
AFAIK that never happened.

Nov 10, 07 - 08:09 am Comment from: spyinthesky

'I think everybody understands by now that any pretense that OS X is more secure than any other OS is a myth'.

Only if the FUD and misinformation has fooled all of the people all of the time my friend. That I very much doubt, though I do wonder whether you are simply one of the fools who believe it or one of the instigators of that FUD. Or of course you could simply supply the facts to support your claims, which would indeed be a real first.

On a more serious point, however, i.e. that it is a 'no win' situation for Apple to try to keep up with the hackers, I simply don't agree. Succeeding in preventing, or making the process too drawn out for all but the geek without a life or his/her immediate friends, is all that they need to do to keep the problem under control in the greater marketplace. The main danger here would be alienating too many people who have bought such phones and have then been left high and dry upon an update and who take it out on Apple.

Nov 10, 07 - 08:28 am Comment from: Shinobi

@Shinobi
"Can you pojnt to the news of the hacker winning $10K?
AFAIK that never happened"

Any Google search will show many articles on this hack. This one is from Macworld.


$10,000 Mac hack affects Windows too
By Robert McMillan, IDG News Service
http://www.macworld.com/news/2007/04/25/qthack/index.php

The bug that helped security researcher Dino Dai Zovi claim a $10,000 prize at last week’s CanSecWest security conference affects Windows systems too.

That’s because the flaw that Dai Zovi exploited actually lies in the way Apple’s QuickTime Media Player works with the Java programming language, according to Terri Forslof, manager of security response at 3Com’s TippingPoint division, which put up the $10,000 prize. QuickTime runs on both Windows and the Mac.

When first reported, last week Dai Zovi’s bug was thought to lie in Apple’s Safari browser, a standard component of Mac OS X. But users of Firefox — which supports QuickTime on both Windows and the Mac — are also at risk, Forslof said Tuesday.

In terms of seriousness, the bug is comparable to the animated cursor vulnerability that was recently patched in Windows, Forslof said. The bug “is the equivalent to a ‘click and you’re owned’ vulnerability,” she said.

Nov 10, 07 - 08:45 am Comment from: HueyLong

Shinobi:

Where is the link to this CanSec so-called "exploit"? What were the conditions and set criteria of this exploit? From your description [only took like 9 hours for him to find this exploit], it sounds like the 'hacker' had direct access to the MacBook Pro itself. For NINE hours!? Whatever that's called, it isn't called a 'hack' in the malicious sense.

I'm sure you're aware that almost all genuine, malicious hacks are committed remotely, whether on PC as is the routine, or a Mac as is yet to be seen in the wild. Currently, to exploit my Macs remotely requires me to give access by agreeing to install a web app from an unknown source. Assuming I'm not completely stupid, then that leaves me to invite some prick of a hacker into my house and offer my G5 Quad to play with. Now that's not very likely is it?

If you think I'm wrong, and there are many examples of hackers gaining direct access to a Mac then tell us in detail about them - oh, and provide a link or some other validation. In other words prove it, by providing evidence. Without being fact-checked it amounts to nothing more than personal anecdote - and therefore worthless.

Nov 10, 07 - 09:01 am Comment from: Shinobi

@ Huey Long,

He did not have direct access to the MacBook. In fact, he was not even at the CanSec conference.

It happened, see this link... there are others too. It's the same type of thing (buffer overflow) being used to jailbreak the iPhone.

http://www.geeksaresexy.net/2007/04/22/pwn-to-own-hack-a-mac-win-a-macbook-pro-and-10000/

Obviously there are many of these vulnerabilities in the iPhone, which is why they can continue to jailbreak them so easily.

Nov 10, 07 - 09:06 am Comment from: Wrong Again

"you just visiting a URL with Safari on your iPhone"
And just visiting a porn site will show you porn, and visiting a Mac news site will show Mac news :) If you go to the site, you deserve what you get. If the result jailbreaks your phone, so be it.

"Because the really good ones you can't tell the difference. "
No, YOU can't tell the difference, people using MYSPACE wanting news about Alicia Keyes and the NFL can't tell the difference.

"DUUUDE Duh en eff ell gonna gimmie a free game bawl. All i's gots ta do is enter my credit card info! SHEET!"

Re: the exploit.
The ORIGINAL contest rules were too limiting. No one could affect the target in any way SO they lowered some of the default security settings in order for something interesting to happen. No news here.

Nov 10, 07 - 09:08 am Comment from: Shinobi

This is not about bashing Apple, OS X or Macs. From an OS architecture standpoint, OS X is, in my opinion, the most amazing OS I have ever seen.

There is no general purpose operating system (including Linux, other *NIX OSes, & XP/Vista) even comparable to OS X. Truly a work of art and should be appreciated.

The only problem I have with Apple right now is the string of security dings they have been getting lately. This is about keeping the pressure on Apple to keep OS X as secure as possible.

Apple has the right platform to be the security leader in operating systems. However, if they don't maintain a priority on this, it's not good for them or us. I hope people on this thread can understand this point.

Yes, OS X and many *NIX-based systems are highly resistant to viruses, which is great.

However, all operating systems are vulnerable to buffer overflow attacks, which are far more dangerous than viruses.

That is the reason Apple added library randomization in Leopard and, before that, enabled the non-executable bit on the stack in Tiger. Both make it more difficult to exploit buffer overflows on OS X.

What's the problem? Windoze implemented library randomization in Vista first and correctly. Apple's library randomization implementation is flawed in Leopard. Hopefully they will fix it in an update.

But if no one cares, then why should they fix it? Should they be like MicroTurd and wait for exploit after exploit, year after year, and finally decide to take security more seriously?

I want Apple to fix the library randomization and the Leopard firewall issues, and do a better job of finding and patching their buffer overflows.

Check out this link, if you are willing to take your blinders off for a minute to objectively see what Apple has done right and wrong with the security upgrades in Leopard.

http://www.matasano.com/log/981/a-roundup-of-leopard-security-features/

If you don't care about having OS X as secure as possible, then keep your blinders on and keep pretending that Apple is doing all it can to secure OS X.

If we don't keep the pressure on Apple, then who will?
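The bounds-check failure Shinobi is describing, as an added C example: this is not code from the thread, and not the actual libtiff bug behind the 1.1.1 jailbreak. It uses a made-up record format (a length byte followed by payload) and parses it twice, once trusting the attacker-controlled length (the overflow) and once validating it against both the input actually read and the destination buffer. A non-executable stack and library randomization only make such an overflow harder to turn into code execution; the second parser removes the bug. The record layout, function names and sample payloads are all constructed for this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/*
 * Hypothetical record format used only for this example:
 *   byte 0     : declared payload length (comes from the file, attacker-controlled)
 *   bytes 1..n : payload
 */

/* Vulnerable: copies `declared` bytes without comparing it with either the
 * input that is actually present or the destination buffer. A record whose
 * length byte exceeds out_len overruns `out`; when `out` is a local array in
 * the caller, that is a classic stack smash over saved registers and the
 * return address. */
int parse_field_unsafe(const uint8_t *rec, size_t rec_len, char *out, size_t out_len)
{
    (void)out_len;                       /* never consulted: that is the bug */
    if (rec_len < 1) return -1;
    size_t declared = rec[0];
    memcpy(out, rec + 1, declared);      /* BUG: unchecked length */
    out[declared] = '\0';                /* may also write out of bounds */
    return (int)declared;
}

/* Hardened: the declared length must fit in what was read AND in the buffer,
 * leaving room for the terminator. Anything else is rejected, not truncated. */
int parse_field_safe(const uint8_t *rec, size_t rec_len, char *out, size_t out_len)
{
    if (rec_len < 1 || out_len == 0) return -1;
    size_t declared = rec[0];
    if (declared > rec_len - 1) return -1;   /* claims more bytes than the record has */
    if (declared >= out_len) return -1;      /* would not fit with the NUL */
    memcpy(out, rec + 1, declared);
    out[declared] = '\0';
    return (int)declared;
}

/* Builds a record with an arbitrary length byte and payload (constructed input).
 * Returns the number of bytes written, or 0 if buf is too small. */
size_t make_record(uint8_t *buf, size_t buf_len, uint8_t declared, const char *payload)
{
    size_t n = strlen(payload);
    if (buf_len < 1 + n) return 0;
    buf[0] = declared;
    memcpy(buf + 1, payload, n);
    return 1 + n;
}

int main(void)
{
    uint8_t rec[64];
    char field[16];

    /* Honest record: the length byte matches the payload, both parsers agree. */
    size_t len = make_record(rec, sizeof rec, 5, "hello");
    printf("safe:   %d -> \"%s\"\n", parse_field_safe(rec, len, field, sizeof field), field);
    printf("unsafe: %d -> \"%s\"\n", parse_field_unsafe(rec, len, field, sizeof field), field);

    /* Malicious record: the length byte says 200, far more than `field` holds.
     * The hardened parser refuses. The unsafe one would smash the stack here,
     * so it is deliberately not called on this input. */
    len = make_record(rec, sizeof rec, 200, "hello");
    printf("safe on oversized length: %d\n", parse_field_safe(rec, len, field, sizeof field));
    return 0;
}
```

The check `declared > rec_len - 1` matters as much as the buffer check: a parser that only compares against the destination still reads past the end of a truncated file, which is an out-of-bounds read rather than a write, but still a crash or an information leak.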

Nov 10, 07 - 09:08 am Comment from: HueyLong

Shinobi:

Nice try. The CanSecWest story is old: April 25, 2007, written by Robert McMillan of IDG News Service.

Six days later, on May 1st, 2007, Apple fixed this vulnerability (triggered by accessing a malicious URL) with QuickTime update 7.1.6. Here are Apple's own words about the update: "An implementation issue exists in QuickTime for Java, which may allow reading or writing out of the bounds of the allocated heap. By enticing a user to visit a web page containing a maliciously-crafted Java applet, an attacker can trigger the issue which may lead to arbitrary code execution. This update addresses the issue by performing additional bounds checking when creating QTPointerRef objects. Credit to Dino Dai Zovi working with TippingPoint and the Zero Day Initiative for reporting this issue."

So, 10 days after it was initially discovered by CanSecWest's hysterical Sean Comeau and Dragos Ruiu, who ridiculously suggested Microsoft was taking security more seriously, Apple had thanked Zovi and fixed it - before it got out in the wild. Let me repeat that. 10 days.

Oh by the way, since May 1st, there have been FIVE updates relating to security issued by Apple, along with two further updates to QuickTime, 7.2 and most recently 7.3.

Once again, nice try.

Nov 10, 07 - 09:11 am Comment from: Wrong Again

Idiots will be idiots. There is NO security that can prevent an idiotic user from being a complete dufus and giving their login information to someone who wants to do them harm. The vulnerabilities you're speaking of all involve a user DOING something harmful to themselves... either visiting a site that openly claims to alter their phone ("jailbreakme.com" isn't a clue???) or visiting a site that just so happens to want your login information when it hasn't before.

Show me an exploit that is performed on a plain ol' phone just sitting there or a plain ol' mac just sitting there and THEN we've got something scary.

Nov 10, 07 - 09:18 am Comment from: Shinobi

@wrong again,

Oh tell the truth....

They did not lower any of the Mac's security settings at CanSec!

The only thing they relaxed was allowing the host of the contest to visit websites crafted by the hackers. All of the Mac's security settings stayed the same.

Just by going to a website, the MacBook got owned, just like the iPhone jailbreakme hack.

Get your facts straight.

Also, you mean to tell me that an average visitor visiting a legitimate NFL website that has an embedded buffer overflow attack in it should know better? It was not asking for credit card info, it was rooting their machine.

Here are some excerpts from that attack. Read the full article at
http://www.itweek.co.uk/vnunet/news/2174135/super-bowl-host-website-hacked

American Football fans looking for information on the Super Bowl in Miami may have found themselves with a nasty malware infection following a successful web attack on Friday.

Dolphin Stadium, the venue for the game, had its website compromised and injected with exploit code, a stadium spokesman told vnunet.com.

Initial reports of the attack surfaced late on Friday morning, when security firm Websense notified stadium management that the front page of the site contained a malicious piece of JavaScript.

The code attempted to exploit a pair of vulnerabilities that can allow for remote code execution.

The first, discovered in April 2006, affects Windows Data Access Components, and the second, disclosed in January 2007, affects Microsoft's Vector Markup Language component.

The malware installed a key-logger to steal information and a backdoor to allow an attacker to remotely control a system.

Nov 10, 07 - 09:25 am Comment from: HueyLong

Whilst I applaud your concern about Apple's security, you're running around screaming panic! panic! panic! about security when a little research would've shown that Apple responded and fixed that issue within days of it becoming known.

Basically, I'm saying calm down. Apple does take security seriously; it's blindingly obvious by the speed at which they dealt with this particular issue - and others as they occur. OS X is their bread and butter and whilst there might be issues with Leopard, because of the underlying security of Unix we - on the Mac side - are inherently safer to begin with.

10.5.1 is just around the corner - exactly as 10.4.1 was. And in response to your concerns about the iPhone, it's a version 1.0 fer christ's sake, it has shaken to the foundations the entire cellphone industry around the world. Hacking your own phone isn't a serious issue as other posters have commented. It really isn't.

Oh and if you think Blackberry is any safer or more secure, I'd suggest you take off your blinders. We have both iPhone and Blackberry Pearl in this house and I know which I prefer, by a wide margin.

Nov 10, 07 - 09:27 am Comment from: Shinobi

Okay... obviously most of you are okay with Apple giving you exploitable code, and are taking the reactive approach MicroTurd has taken for so many years: release exploitable code and fix it after someone breaks into it.

I would much rather Apple take the proactive approach and do due diligence on proofing their code for buffer overflow attack vectors and such.

Again, the exploit in the CanSec conference was already there. For how long? Apple could have found it themselves, likewise with the currently exploitable code in the iPhone.

Obviously there is more exploitable code in the iPhone, evidenced by how quickly the iPhone hackers continue to jailbreak it.

Nov 10, 07 - 09:47 am Comment from: Madrox199

Thanks R2

Nov 10, 07 - 09:57 am Comment from: Shinobi

@ HueyLong

Does it really matter if you are hacking your iPhone or someone else is?

The fact is, the exploitable code they are using to hack the iPhone should not be there in the first place.

Also, your computer should never be owned just by visiting a web site. That is completely unacceptable. No user, should have to even think about something like that.

Downloading and installing malicious programs is a fault of the user. However, just visiting a web site to take a look at it is not a fault of the user.

That is a fault of underlying exploitable code. This is why I am saying Apple can do better.

I am not trying to make enemies here.... A proactive approach to security is much better than a reactive one. I see people post so many comments complaining about frivolous things like glossy screens, translucent menu bar in Leopard, etc.

Security is way more important than those things. I am just trying to voice my concern as a Mac user, that I want Apple to do a better job on proofing their code.

Also, your quote about:

"Oh and if you think Blackberry is any safer or more secure, I'd suggest you take off your blinders. We have both iPhone and Blackberry Pearl in this house and I know which I prefer, by a wide margin."

When did I ever say I thought the Blackberry was safer?

Nov 10, 07 - 10:15 am Comment from: Madrox199

@ R2

How do I install this?

Nov 10, 07 - 10:30 am Comment from: macPinche @ shinobi

Actually, shinobi, they DID lower the security constraints in the CanSecWest conference.

For the first two days of the conference, hackers were attempting to gain access to a MacBook that was sitting on the network with all default security settings. No physical access to the machine was allowed. No one could do it, so they changed the rules to allow an individual at the machine to point the browser to any website they chose. It was only then that the hack was accomplished.

In other words, it required participation on the part of the user.
They used a browser exploit to gain user-level access, not root. The machine was NOT hacked remotely. Here's an interview with the exploit author:

http://blogs.zdnet.com/security/?p=176

So, while it's not great news that someone was able to exploit a browser hole, it should also be noted that Windows is also vulnerable to this type of exploit. And it's a far cry from what happens when you put a stock, unmodified XP machine on the Internet. I believe the benchmark is, complete control within four minutes.

http://arstechnica.com/news.ars/post/20041130-4426.html

Mac and OS X security is still alive and well. It's not the gaping flaw that you are claiming it to be.

Nov 10, 07 - 10:43 am Comment from: macpinche @shinobi

By the way, one of the primary sponsors of the CanSecWest conference is none other than Microsoft:

http://www.cansecwest.com/csw01archive.html

You don't suppose the conference organizers might've had a vested interest in showing that the Mac is just as vulnerable as Windows, do you, shinobi?

Nah, didn't think you'd agree. After all, you're a computer science student, so you know that Microsoft is a good corporate citizen who only wants to help its competitors make better products.

lol.

Nov 10, 07 - 10:56 am Comment from: Jake@Shinobi

Well, if all you're doing is trying to push Apple to even higher levels of software development, OK, but you are still guilty of overstating the problem with a fairly hysterical tone. Sure, all Mac users would love for Apple software to never have exploitable code, but is that realistic? And if you mean to suggest that this is a standard that Apple used to meet, you've obviously forgotten about the viruses that existed for OS7, OS8 and OS9. Not as many as there were for Windows and IE, but they definitely existed. In fact, OSX has a much BETTER security record than the previous Apple OS, so Apple is getting better, not worse, and hopefully they'll continue to improve. So, which is it, are you a worrywart, or a FUDmeister?

Nov 10, 07 - 10:56 am Comment from: macPinche @ shinobi

One more point, shinobi, and it's a big one: after the user on the floor visited the website with the exploit code, he had to execute some commands in the shell! Here's the description from the interview with the hacker (see link above):

---
What was Macaulay's role?

"Deploying the exploit required someone on the ground at the conference. The exploit launched a shell so we needed someone to connect to the shell and follow the instructions to claim victory. Shane ran the actual attack and he also helped to test the exploit ahead of time."

---

Sooooo... in order for this exploit to occur, I have to visit the website, which will open a shell on my desktop, then I have to type some stuff into the shell in order to GIVE access to the exploiting code.

Ummm... I'm very worried right about now... Slowly backing away from the keyboard... you never know what I might do...

This is a stupid hack! It's approximately the equivalent of: You want to steal my car, mister? Oh, okay... here, let me start the engine for you... yep, it's got a full tank... climb on in, watch your head there... it sorta pulls a little when you turn right... be sure to buckle up! Bye, now, have a nice day!!

Nov 10, 07 - 11:29 am Comment from: Shinobi

@macPinche,

CanSec only allowed the attendees at the conference on their local subnet. They blocked everyone else outside of the local subnet.

So the actual hacker that created the exploit had to email it to his buddy physically attending the conference, since he had access to the local subnet. Obviously, he also sent him the instructions, which were to open a shell.

The shell was not on the target Mac. Neither had access to the target Mac. If the CanSec allowed hackers outside of the subnet to participate, this step would not have been necessary.

So no shell on your desktop is necessary. Do you understand?

Nov 10, 07 - 11:37 am Comment from: @ shinobi

That is not my understanding. I've read several accounts stating that after the initial two days of failure, that the person on the floor was actually given physical access to the machine being hacked.

Do you have a link that supports your statement that there was no physical access and that the shell window was not on the machine being hacked?

Nov 10, 07 - 11:43 am Comment from: Shinobi

@macPinche

Also, Microsoft being one of the chief sponsors of CanSec is really irrelevant. Of course Microsoft was tickled to death at having an opportunity to make OS X look bad.

I am not disputing that point. It's really a case in point that OS X had exploitable code in it for whoever wanted to take the time to find it and exploit it remotely.

The exploit was real that's why Apple patched it so quickly.

Apple can find many of these holes themselves, but they are not doing it. Most of these hackers use automated tools to find weaknesses in code by overloading inputs. Typically they will be found.

Some of the hackers have admitted that Apple could easily do the same thing and patch these vulnerabilities before releasing their code.

They are not doing anything that Apple cannot do. Why is this so hard to understand?

I am NOT saying OS X is not a good OS or is not as good as some other OS.

I am saying Apple can do better at proofing their code that's it. Can they find every vulnerability? No....

Can they find many of the ones other hackers/security researchers have found? Yes....

Nov 10, 07 - 11:46 am Comment from: @ shinobi

Ahh... I think you are correct.

So there was someone at the target machine who browsed to the malicious website. At that point, the "man on the floor" typed some commands into a separate machine's shell -- not the one being attacked -- which ultimately granted user access to the target machine.

Is that your understanding?

Which machine did you run it against?

"It was the 15-inch MacBook. We used a remote browser exploit to get user-level access. We didn't attempt an attack against the 17-inch, which required root access."

So after a 3-day conference with dozens of professional hackers trying to win a 17-inch MacBook Pro, they couldn't get root access to the machine.

Nov 10, 07 - 11:57 am Comment from: Shinobi

@Shinobi,

Yes that is my understanding...

Yes, they did not get root on either machine because Apple follows a much stricter security policy of "Least Privilege" on Macs.

Apple does not follow the principle of Least Privilege on the iPhone. Every process runs with root privileges, which in the UNIX world proved a really bad idea over 20 years ago.

And Apple is proving it's a bad idea all over again, as evidenced by all the iPhone jailbreaks. The hackers are gaining root on the iPhone this way.

Please understand we are on the same team. I am not bashing OS X or Apple.

Nov 10, 07 - 12:00 pm Comment from: Krioni

Geez, people, Shinobi may have phrased it in a way that you didn't like, but as I've read through this thread, it is clear that he actually bothered to critically READ what happened at CanSec West.

Here it is, in a nutshell: A MacBook Pro survived direct attacks. Then it was asked to visit a website. Merely viewing that website (no downloads, etc.) caused a buffer overflow that gave the remote attacker user-level (not root - but all of your personal files are accessible to your user-level account) access to the Mac. The shell thing was NOT something where someone got to sit AT the hacked machine. Instead, it was that the guy who made the website wasn't AT the contest physically, so he had someone who was there connect (through the network!) to the shell (invisible, for those who don't know - a shell is just a running process; it doesn't mean, as some here seem to think, that a Terminal window popped up) who could follow the directions given by the contest organizers to show remote control. That's what Macaulay did.

So, using this hack, combined with a hack of some website that Mac users like to visit (which happens sometimes, by the way - anyone out there love Quicksilver as much as I do? See http://blacktree.cocoaforge.com/forums/viewtopic.php?t=7572&highlight=hacked ), would allow that person to, for example, read all of your email, look into any saved financial documents you have, read all your web browser cookie files and thus get access to some of your online accounts, delete any personal file the attacker wants to, and much more.

Sound bad? It is. That's why Apple fixed it so fast. The problem is that the vulnerability didn't spring into existence when it was found by Dino Dai Zovi - it had been around for a while.

Every time I see people overreact to the truth that Mac OS X could, in theory, be hacked by someone, it irritates me. It gives credence to the idiot tech pundits out there that set up the strawman of "Mac users think they are invulnerable." Any informed Mac user knows that there are vulnerabilities. The nice thing is that those are harder to find on the Mac because there aren't as many, they expose less of the system, and they are very hard to hit without any action by the targeted user. However, as the CanSec hack shows, visiting a webpage (even a seemingly innocuous one!) could cause you a lot of grief. It seems to me that Shinobi was just saying that he hopes Apple becomes even more proactive about this kind of problem. I think they are trying, and hopefully will improve the memory randomization feature in Leopard, as well as other issues. Proactive is good, reactive is Microsoft.

Nov 10, 07 - 12:32 pm Comment from: LorD 1776

Krioni,
If you ever say that again I will track you down and rip your lungs out! Is that what you mean by overreacting?

Nov 10, 07 - 12:35 pm Comment from: Shinobi

@Krioni

Thank You!

Nov 10, 07 - 12:41 pm Comment from: Krioni

Lord:
Nah. I was thinking more in the "You don't even HAVE lungs" school of thought.

Nov 10, 07 - 02:38 pm Comment from: @ Shinobi

Intel Macs have EFI.

You think Mac OS X has security issues? How about an OS-like firmware level that can contact the internet and read your hard drive without the OS even running?

With some malicious code in EFI, you could be reinstalling your OS all day and still be PWNED.

Apple doesn't even manage EFI, the UEFI Group does, which includes Microsoft.

http://refit.sourceforge.net/

Nov 10, 07 - 02:54 pm Comment from: Krioni

Shinobi,

Whoa there, fella. I'm not sure what scenario you're postulating about EFI. Are you worrying that Apple will do something shady? I don't think you are, but you left it kind of vague.

Are you saying that someone could install EFI software without your knowledge? That would be extremely hard. Don't you need root (and a reboot) to do that? I'm actually not sure, but that seems to be a pretty extreme thing to worry about. Let's stick to problems that are within the realm of likelihood before we go conjuring up nightmares. That's the opposite end of the spectrum from the "lah, lah, lah. I can't hear you" folks (which I don't think there are many of, and it annoys me when some journalist claims they are the majority of Mac users).

Nov 10, 07 - 03:58 pm Comment from: @Krioni

You mean "shady" like in disabling a device that you own, which they feel you shouldn't use in any way they don't authorize?
